The ramifications of this breach are profound. Cybercriminals who gained
access to the AnyDesk portal could glean valuable information about
customers, including license keys, active connections, session
durations, contact information, email addresses, and the number of
managed remote access hosts, all with their online/offline status and
IDs. Such details open up a plethora of malicious possibilities.
In light of this breach, AnyDesk customers must take proactive steps
to protect their accounts and data. Password changes alone are
insufficient. AnyDesk offers a whitelist feature, enabling users to specify who can connect to their devices, adding an extra layer of security.
Multi-factor
authentication (MFA) is strongly recommended to enhance account
protection. Organizations should also monitor for any unexpected
password and MFA changes, suspicious sessions, and emails referencing
AnyDesk accounts from unknown sources.
Are there any good alternatives these days for occasional remote management of a Win10 machine from a Linux desktop? I do occasional support for a club, and it's helpful to not have to go there.
Used to use logMeIn. Then TeamViewer (but they got popped too). Then AnyDesk. Contemplating I might need to just TailScale and use RDP, but I need to be able to do it with no interaction at the remote end.
just f the rest of us blue teamers right. can;t even have a fing quiet saturday.
week after week after week.
and holier than thou it people call us incompetant just because we won;t allow a half dozen unmonitorable open source solutions hacked together as an alternative to using vendor crap. :)
Readit News
In light of this breach, AnyDesk customers must take proactive steps to protect their accounts and data. Password changes alone are insufficient. AnyDesk offers a whitelist feature, enabling users to specify who can connect to their devices, adding an extra layer of security. Multi-factor authentication (MFA) is strongly recommended to enhance account protection. Organizations should also monitor for any unexpected password and MFA changes, suspicious sessions, and emails referencing AnyDesk accounts from unknown sources.
https://securityonline.info/anydesk-breach-2024-dark-web-sal...
Used to use logMeIn. Then TeamViewer (but they got popped too). Then AnyDesk. Contemplating I might need to just TailScale and use RDP, but I need to be able to do it with no interaction at the remote end.
Deleted Comment
I noticed Microsoft seems to always do this. Is this common practice for everyone now?
and holier than thou it people call us incompetant just because we won;t allow a half dozen unmonitorable open source solutions hacked together as an alternative to using vendor crap. :)
Security teams should be enablers, and work to find ways to add monitoring - not just “the no department”.